Sayfalar

10 Kasım 2012 Cumartesi

Auditing Fraud in Banking Sector and Other Sectors (A Cue to Make Audit)

The auditor company must plan the audit to avoid or minimize misstatements in the financial statements resulting from errors, fraud and illegal acts. The Auditor is responsible if there are illegal factors in the company but his report is not reflected those items. The Auditor would be liable, for not having used reasonable care and skill during the audit. They will need to test the detailed transactions in the accounting records for their completeness, accuracy and validity.

In many countries the responsibility and accountability of the external auditors have been increased due to several fraud cases that have happened all over the world. Just to give an indication and a good example, we can show Australian case. The Australian Auditing Standard AUS 210 “The Auditor’s Responsibility to Consider Fraud and Error in an Audit of a Financial Report” has been amended a number of times in recent years to increase the external auditor’s responsibility in this area. It defines fraud as “…an intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception to obtain an unjust or illegal advantage.”[1] This definition shows that other than management or employees the third parties may also be involved in fraud cases and the external auditor is one of the third parties.

According to the past experiences, there are three kinds of Fraud scenario which will be explained in the following:[2]

·1st scenario: Fraud that has been or is being prosecuted,

·2nd scenario: Fraud that has been detected but which has not been prosecuted and

·3rd scenario: Fraud which has not been detected.

Since the second and third scenario cannot be examined the first scenario is the best situation. Victims never release the details of second scenario fraud situations. This is also the same in the third scenario which can never be examined for obvious reasons.[3]

When we come to the individuals who are known as the fraud perpetrurators, we can state that these people are:[4]

·Less likely to be caught or turned in to law enforcement.

·Less likely to serve long sentences.

·Fraud perpetrators are older than normal prison population.

·Better educated.

·More like college students than property crimes offenders.

Nevertheless, we shouldn’t restrict the characteristics of the fraud perpetrators with the above explanations. This result has been revealed after examining different fraud cases and we will see that the above profile is somehow true for the cases that will be explained in the fourth section.

The perpetrators may have some personal or psychological problems where they are under the effect of three factors (also called as fraud triangle) that are stated below:[5]

·Pressure: The pressure may be real or imaginary, but if we only concentrate on the compulsive behaviors (gambling, alcohol, illegal drug use), financial debts (credit cards, health care), family problems (divorce, extramarital affairs, problems with children), etc.

·Rationalization: Employees, vendor, others justify fraud by using several defensive statements such as telling lies (“They owe me” or “I earned it”), or rationalizations (“I need it more than they do”, “It’s only fair”). In these cases the person is not accepting reality.

·Opportunity: Opportunity is the perception by someone believing they can commit a fraud without getting caught.

Under the above mentality the perpetrators commit frauds.

If we refer back to the first chapter we can remember that we have classified frauds in two main types as occupational and non-occupational. However we will concentrate on occupational fraud cases so there are three main fraud types:

·Fraudulent Statements

·Asset Misappropriation and

·Bribery and Corruption

Nevertheless, in some sources the fraudulent statements and asset misappropriation are shown as main fraud types. Therefore we will be focusing on these main fraud types.[6]

The fraudulent statements are the intentional misstatement or omission of amounts or disclosure in financial statements to deceive users. The purpose of the misstatement is to help management achieve earnings targets (e.g. to obtain higher bonuses). Other than this; revenues and expenses are usually shifted across accounting periods to reduce fluctuations in earnings.[7]

Misappropriation of assets fraud is the second type of fraud that involves theft of an entity’s assets. These are usually perpetrated at lower levels of the organization’s hierarchy, i.e. by non-management employees.[8]

After defining the fraud types and the character of the suspicious individuals we must generate a road map for the auditor through which she or he can make the audit. The following table[9] will help the auditors the way they audit the firm.

What to do?

What not to do?

To be responsive to employee concerns.

·The auditor must acknowledge the concern.

·They should encourage employees to voice any reasonably held suspicion as part of developing an effective anti-fraud culture.

·Allcomplaints must be investigated.

To note details.

·They should note all relevant dates.

·They should get as much information as possible from the reporting employee, preferably in writing.

·A statement might be required as part of the evidence, but this will be dealt with during the course of the investigation by Internal Audit.

·If the employee has made any notes, the auditor must obtain these also. In addition, they must note any documentary evidence which may exist to support the allegations made, but do not interfere with this evidence in any way.

To evaluate the allegation objectively

·Before the auditor takes the matter further, they need to determine whether any suspicions appear to be justified. They need to be objective when evaluating the issue.

·They should consider the facts as they appear, based on the information they have to hand and any further information sought from the reporting employee. If in doubt they should raise their suspicions anyway.

To advise the appropriate person.

·If they feel that a suspicion is justified, they should advise the Council’s Audit & IT Manager. They should also let Internal Audit have the reporting employee’s name in order that he/she might be kept informed of the progress of the investigation and its outcome.

To deal with the matter promptly if they feel the concerns are warranted.

·Any delay may cause the Council to suffer further financial loss. Depending upon the findings of the internal investigation, the matter could be referred to the district auditor or the police for attention.

To ridicule suspicions raised by the employees.

·The Council cannot operate an effective anti-fraud policy if employees are reluctant to pass on their concerns to management.

·Employees may be reluctant to raise concerns for fear of ridicule or recrimination.

·The auditor needs to ensure that all employee concerns are given a fair hearing. The auditor should reassure employees that they will not suffer recrimination as a result of raising any reasonably held suspicion. In particular, the auditor should note that employees are protected from dismissal and selection for redundancy.

To disclose to any person being investigated the source of the

information.

·The auditor should not give information about the employee to the employer in order to protect him or her against dismissal or redundancy.

To approach or accuse any individuals directly.

·The auditor should note each information in order to prove the fraud. Before proving the fraud, they should not blame anyone.

To convey their suspicions to anyone other than those with proper

authority.

·The auditor should disclose information to the responsible people who will help in revealing the fraud case.

To try to investigate the matter himself / herself

·The auditor must remember that poorly managed investigations by employees who are unfamiliar with evidential requirements are highly likely to jeopardise a successful criminal prosecution.

With the above table they must be very careful in detecting the fraud that has happened in the company. The following happenings may give cues to the auditors about the fraudulent transactions:[10]

·Missing Documents,

·“Stale Items” on Bank Reconciliation,

·Excessive Voids or Credits,

·Payee Names & Addresses = Customer Names & Addresses,

·Photocopied Documents,

·Payee Names & Addresses = Employee Names & Addresses,

·Past Due A/R increasing,

·Reconciling Items increasing,

·Altered Documents,

·Duplicate Payments,

·Second Endorsements on Checks,

In order to give a true example from an auditing company we can use the following statement of Deloitte and Touche. They are stating the procedure like in the following sequence:[11]

·“We make inquiries of management to obtain their understanding regarding the risk of fraud within their entity and to determine whether they have knowledge of fraud that has been perpetrated on or within the entity.Some of our clients may not actively or systematically consider the risk of fraud within their entity.Accordingly, this Checklist has been designed to assist our clients in performing an assessment of the risk of fraud within their entity by providing them with a list of fraud risk factors to consider.

·The Fraud Risk Assessment Checklist is intended to be used to stimulate a meaningful discussion with client management regarding the risk of fraud within their organization.Prior to our discussion, management may wish to complete this Checklist in order to discuss the factors that may be present within their entity, as well as how they might be addressing the risks associated with each factor.

·We should consider whether the information obtained indicates that one or more fraud risk factors are present when obtaining our understanding of the entity and its environment, including its internal control, and during the course of our other preliminary planning activities.If we identify fraud risk factors, we should consider whether these fraud risk factors result in a risk of material misstatement due to fraud.

·Although the risk factors cover a broad range of situations, they are only examples and, accordingly, the engagement team may wish to consider additional or different risk factors. Not all of these examples are relevant in all circumstances, and some may be of greater or lesser significance in entities of different size or with different ownership characteristics or circumstances. Also, the order of the examples of risk factors provided is not intended to reflect their relative importance or frequency of occurrence.

·We are required for the purpose of our audit to specifically assess the risk of material misstatement of the financial statements due to fraud. The following document sets forth a listing of fraud risk factors to assist us in making that assessment.These fraud risk factors represent factors that have been present in actual fraud cases.

·We are also required to make specific inquiries of you to obtain your understanding regarding the risk of fraud within your entity and to determine whether you have knowledge of fraud that has been perpetrated on or within your entity.

·Although the fraud risk factors have been written from the perspective of an auditor, an understanding of such risk factors may be of use to you in considering the risk of fraud within your entity.These risk factors have been divided into two groups:

·Risk factors related to misstatements arising from misappropriation of assets.

·Misstatements arising from fraudulent financial reporting are intentional misstatements or omissions of amounts or disclosures in financial statements to deceive financial statement users.Misstatements arising from misappropriation of assets involve the theft of an entity’s assets where the effect of the theft causes the financial statements not to be presented in accordance with generally accepted accounting principles.

·For each of these types of fraud, the risk factors are further classified based on three conditions generally present when material misstatements due to fraud occur:

·Incentives/pressures,

·Opportunities, and

·Attitudes/rationalizations.

·In anticipation of our discussions with you regarding fraud, you may wish to complete the Checklist by identifying those fraud risk factors that are present within your entity.Place an X next to each statement that is true or applicable to the entity, without giving any consideration to significance or mitigating control considerations.To the extent risk factors are present, we will discuss how these factors may specifically increase the risk of fraud within your entity and, if applicable, and how you are addressing such risks.

·Some of the examples are relevant and some may not be relevant. Although the risk factors cover a broad range of situations, they are only examples and you may find that there are additional or different risk factors. If additional items representing risk factors are identified, please describe such items at the end of each section.

·To get a broader perspective of fraud risk within your entity, you may consider distributing this checklist to other members of management to complete. This table helps us to identify the risk factors that are present within your entity and how they are addressed.”

Opportunities

·The nature of the industry or the entity’s operations provides opportunities to engage in fraudulent financial reporting that can arise from the following:

-Significant related-party transactions not in the ordinary course of business or with related entities not audited or audited by another firm.

-A strong financial presence or ability to dominate a certain industry sector that allows the entity to dictate terms or conditions to suppliers or customers that may result in inappropriate or non-arm’s length transactions.

-Assets, liabilities, revenues, or expenses based on significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate.

-Significant, unusual, or highly complex transactions, especially those close to period end that pose difficult “substance over form” questions.

-Significant operations located or conducted across international borders in jurisdictions where differing business environments and cultures exist.

-Use of business intermediaries for which there appears to be no clear business justification.

-Significant bank accounts or subsidiary or branch operations in tax haven jurisdictions for which there appears to be no clear business justification

·There is ineffective monitoring of management as a result of the following:

-Domination of management by a single person or small group (in a non owner-managed business) without compensating controls.

-Ineffective oversight by those charged with governance over the financial reporting process and internal control.

·There is a complex or unstable organizational structure, as evidenced by the following:

-Difficulty in determining the organization or individuals that have controlling interest in the entity.

·Nonfinancial management’s excessive participation in or preoccupation with the selection of accounting policies or the determination of significant estimates.

·Known history of violations of securities laws or other laws and regulations, or claims against the entity, its senior management, or those charged with governance alleging fraud or violations of laws and regulations.

·Excessive interest by management in maintaining or increasing the entity’s stock price or earnings trend.

·A practice by management of committing to analysts, creditors, and other third parties to achieve aggressive or unrealistic forecasts.

·Management failing to correct known material weaknesses in internal control on a timely basis.

·The owner-manager makes no distinction between personal and business transactions.

·Dispute between shareholders in a closely held entity.

·Recurring attempts by management to justify marginal or inappropriate accounting on the basis of materiality.

·The relationship between management and the current or predecessor auditor is strained, as exhibited by the following

-Frequent disputes with the current or predecessor auditor on accounting, auditing, or reporting matters.

-Unreasonable demands on the auditor, such as unreasonable time constraints regarding the completion of the audit or the issuance of the auditor’s report.

-Formal or informal restrictions on the auditor that inappropriately limit access to people or information or the ability to communicate effectively with those charged with governance.

-Domineering management behavior in dealing with the auditor, especially involving attempts to influence the scope of the auditor’s work or the selection or continuance of personnel assigned to or consulted on the audit engagement.

2.Risk Factors Relating to Misstatements Arising From Misappropriation of Assets

Incentives/Pressures

·Personal financial obligations may create pressure on management or employees with access to cash or other assets susceptible to theft to misappropriate those assets.

·Adverse relationships between the entity and employees with access to cash or other assets susceptible to theft may motivate those employees to misappropriate those assets. For example, adverse relationships may be created by the following:

-Known or anticipated future employee layoffs.

-Recent or anticipated changes to employee compensation or benefit plans.

-Promotions, compensation, or other rewards inconsistent with expectations.

Opportunities

·Certain characteristics or circumstances may increase the susceptibility of assets to misappropriation. For example, opportunities to misappropriate assets increase when there are the following:

-Large amounts of cash on hand or processed.

-Inventory items that are small in size, of high value, or in high demand.

This web site has been designed in order to give information to the researchers about economy, finance, banking, business administration, marketing and related fields . These articles can be used if and only if they are cited.